nihilist/tor
1
0
Fork 0
mirror of https://gitlab.torproject.org/tpo/core/tor.git synced 2024-11-28 22:53:27 +01:00
Code Issues Packages Projects Releases Wiki Activity

Turn hs_subcredential_t into a proper struct.

Browse Source
This commit is contained in:
Nick Mathewson 2020-01-16 18:27:25 -05:00
parent 3484608bda
commit 4532c7ef6a
23 changed files with 125 additions and 107 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

8
src/core/crypto/hs_ntor.c
View File

@ -170,7 +170,7 @@ get_rendezvous1_key_material(const uint8_t *rend_secret_hs_input,
* necessary key material, and return 0. */ * necessary key material, and return 0. */
static void static void
get_introduce1_key_material(const uint8_t *secret_input, get_introduce1_key_material(const uint8_t *secret_input,
const uint8_t *subcredential, const hs_subcredential_t *subcredential,
hs_ntor_intro_cell_keys_t *hs_ntor_intro_cell_keys_out) hs_ntor_intro_cell_keys_t *hs_ntor_intro_cell_keys_out)
{ {
uint8_t keystream[CIPHER256_KEY_LEN + DIGEST256_LEN]; uint8_t keystream[CIPHER256_KEY_LEN + DIGEST256_LEN];
@ -181,7 +181,7 @@ get_introduce1_key_material(const uint8_t *secret_input,
/* Let's build info */ /* Let's build info */
ptr = info_blob; ptr = info_blob;
APPEND(ptr, M_HSEXPAND, strlen(M_HSEXPAND)); APPEND(ptr, M_HSEXPAND, strlen(M_HSEXPAND));
APPEND(ptr, subcredential, DIGEST256_LEN); APPEND(ptr, subcredential->subcred, SUBCRED_LEN);
tor_assert(ptr == info_blob + sizeof(info_blob)); tor_assert(ptr == info_blob + sizeof(info_blob));
/* Let's build the input to the KDF */ /* Let's build the input to the KDF */
@ -317,7 +317,7 @@ hs_ntor_client_get_introduce1_keys(
const ed25519_public_key_t *intro_auth_pubkey, const ed25519_public_key_t *intro_auth_pubkey,
const curve25519_public_key_t *intro_enc_pubkey, const curve25519_public_key_t *intro_enc_pubkey,
const curve25519_keypair_t *client_ephemeral_enc_keypair, const curve25519_keypair_t *client_ephemeral_enc_keypair,
const uint8_t *subcredential, const hs_subcredential_t *subcredential,
hs_ntor_intro_cell_keys_t *hs_ntor_intro_cell_keys_out) hs_ntor_intro_cell_keys_t *hs_ntor_intro_cell_keys_out)
{ {
int bad = 0; int bad = 0;
@ -450,7 +450,7 @@ hs_ntor_service_get_introduce1_keys(
const ed25519_public_key_t *intro_auth_pubkey, const ed25519_public_key_t *intro_auth_pubkey,
const curve25519_keypair_t *intro_enc_keypair, const curve25519_keypair_t *intro_enc_keypair,
const curve25519_public_key_t *client_ephemeral_enc_pubkey, const curve25519_public_key_t *client_ephemeral_enc_pubkey,
const uint8_t *subcredential, const hs_subcredential_t *subcredential,
hs_ntor_intro_cell_keys_t *hs_ntor_intro_cell_keys_out) hs_ntor_intro_cell_keys_t *hs_ntor_intro_cell_keys_out)
{ {
int bad = 0; int bad = 0;

13
src/core/crypto/hs_ntor.h
View File

@ -35,11 +35,20 @@ typedef struct hs_ntor_rend_cell_keys_t {
uint8_t ntor_key_seed[DIGEST256_LEN]; uint8_t ntor_key_seed[DIGEST256_LEN];
} hs_ntor_rend_cell_keys_t; } hs_ntor_rend_cell_keys_t;
#define SUBCRED_LEN DIGEST256_LEN
/**
* A 'subcredential' used to prove knowledge of a hidden service.
**/
typedef struct hs_subcredential_t {
uint8_t subcred[SUBCRED_LEN];
} hs_subcredential_t;
int hs_ntor_client_get_introduce1_keys( int hs_ntor_client_get_introduce1_keys(
const struct ed25519_public_key_t *intro_auth_pubkey, const struct ed25519_public_key_t *intro_auth_pubkey,
const struct curve25519_public_key_t *intro_enc_pubkey, const struct curve25519_public_key_t *intro_enc_pubkey,
const struct curve25519_keypair_t *client_ephemeral_enc_keypair, const struct curve25519_keypair_t *client_ephemeral_enc_keypair,
const uint8_t *subcredential, const hs_subcredential_t *subcredential,
hs_ntor_intro_cell_keys_t *hs_ntor_intro_cell_keys_out); hs_ntor_intro_cell_keys_t *hs_ntor_intro_cell_keys_out);
int hs_ntor_client_get_rendezvous1_keys( int hs_ntor_client_get_rendezvous1_keys(
@ -53,7 +62,7 @@ int hs_ntor_service_get_introduce1_keys(
const struct ed25519_public_key_t *intro_auth_pubkey, const struct ed25519_public_key_t *intro_auth_pubkey,
const struct curve25519_keypair_t *intro_enc_keypair, const struct curve25519_keypair_t *intro_enc_keypair,
const struct curve25519_public_key_t *client_ephemeral_enc_pubkey, const struct curve25519_public_key_t *client_ephemeral_enc_pubkey,
const uint8_t *subcredential, const hs_subcredential_t *subcredential,
hs_ntor_intro_cell_keys_t *hs_ntor_intro_cell_keys_out); hs_ntor_intro_cell_keys_t *hs_ntor_intro_cell_keys_out);
int hs_ntor_service_get_rendezvous1_keys( int hs_ntor_service_get_rendezvous1_keys(

6
src/feature/hs/hs_cell.c
View File

@ -75,7 +75,7 @@ compute_introduce_mac(const uint8_t *encoded_cell, size_t encoded_cell_len,
static hs_ntor_intro_cell_keys_t * static hs_ntor_intro_cell_keys_t *
get_introduce2_key_material(const ed25519_public_key_t *auth_key, get_introduce2_key_material(const ed25519_public_key_t *auth_key,
const curve25519_keypair_t *enc_key, const curve25519_keypair_t *enc_key,
const uint8_t *subcredential, const hs_subcredential_t *subcredential,
const uint8_t *encrypted_section, const uint8_t *encrypted_section,
curve25519_public_key_t *client_pk) curve25519_public_key_t *client_pk)
{ {
@ -820,7 +820,7 @@ get_intro2_keys_as_ob(const hs_service_config_t *config,
const uint8_t *encrypted_section, const uint8_t *encrypted_section,
size_t encrypted_section_len) size_t encrypted_section_len)
{ {
uint8_t *ob_subcreds = NULL; hs_subcredential_t *ob_subcreds = NULL;
size_t ob_num_subcreds; size_t ob_num_subcreds;
hs_ntor_intro_cell_keys_t *intro_keys = NULL; hs_ntor_intro_cell_keys_t *intro_keys = NULL;
@ -835,7 +835,7 @@ get_intro2_keys_as_ob(const hs_service_config_t *config,
/* Copy current data into a new INTRO2 cell data. We will then change the /* Copy current data into a new INTRO2 cell data. We will then change the
* subcredential in order to validate. */ * subcredential in order to validate. */
hs_cell_introduce2_data_t new_data = *data; hs_cell_introduce2_data_t new_data = *data;
new_data.subcredential = &(ob_subcreds[idx * DIGEST256_LEN]); new_data.subcredential = &ob_subcreds[idx];
intro_keys = get_introduce2_keys_and_verify_mac(&new_data, intro_keys = get_introduce2_keys_and_verify_mac(&new_data,
encrypted_section, encrypted_section,
encrypted_section_len); encrypted_section_len);

6
src/feature/hs/hs_cell.h
View File

@ -16,6 +16,8 @@
* 3.2.2 of the specification). Below this value, the cell must be padded. */ * 3.2.2 of the specification). Below this value, the cell must be padded. */
#define HS_CELL_INTRODUCE1_MIN_SIZE 246 #define HS_CELL_INTRODUCE1_MIN_SIZE 246
struct hs_subcredential_t;
/** This data structure contains data that we need to build an INTRODUCE1 cell /** This data structure contains data that we need to build an INTRODUCE1 cell
* used by the INTRODUCE1 build function. */ * used by the INTRODUCE1 build function. */
typedef struct hs_cell_introduce1_data_t { typedef struct hs_cell_introduce1_data_t {
@ -29,7 +31,7 @@ typedef struct hs_cell_introduce1_data_t {
/** Introduction point encryption public key. */ /** Introduction point encryption public key. */
const curve25519_public_key_t *enc_pk; const curve25519_public_key_t *enc_pk;
/** Subcredentials of the service. */ /** Subcredentials of the service. */
const uint8_t *subcredential; const struct hs_subcredential_t *subcredential;
/** Onion public key for the ntor handshake. */ /** Onion public key for the ntor handshake. */
const curve25519_public_key_t *onion_pk; const curve25519_public_key_t *onion_pk;
/** Rendezvous cookie. */ /** Rendezvous cookie. */
@ -57,7 +59,7 @@ typedef struct hs_cell_introduce2_data_t {
const curve25519_keypair_t *enc_kp; const curve25519_keypair_t *enc_kp;
/** Subcredentials of the service. Pointer owned by the descriptor that owns /** Subcredentials of the service. Pointer owned by the descriptor that owns
the introduction point through which we received the INTRO2 cell. */ the introduction point through which we received the INTRO2 cell. */
const uint8_t *subcredential; const struct hs_subcredential_t *subcredential;
/** Payload of the received encoded cell. */ /** Payload of the received encoded cell. */
const uint8_t *payload; const uint8_t *payload;
/** Size of the payload of the received encoded cell. */ /** Size of the payload of the received encoded cell. */

6
src/feature/hs/hs_circuit.c
View File

@ -578,7 +578,7 @@ retry_service_rendezvous_point(const origin_circuit_t *circ)
static int static int
setup_introduce1_data(const hs_desc_intro_point_t *ip, setup_introduce1_data(const hs_desc_intro_point_t *ip,
const node_t *rp_node, const node_t *rp_node,
const uint8_t *subcredential, const hs_subcredential_t *subcredential,
hs_cell_introduce1_data_t *intro1_data) hs_cell_introduce1_data_t *intro1_data)
{ {
int ret = -1; int ret = -1;
@ -966,7 +966,7 @@ int
hs_circ_handle_introduce2(const hs_service_t *service, hs_circ_handle_introduce2(const hs_service_t *service,
const origin_circuit_t *circ, const origin_circuit_t *circ,
hs_service_intro_point_t *ip, hs_service_intro_point_t *ip,
const uint8_t *subcredential, const hs_subcredential_t *subcredential,
const uint8_t *payload, size_t payload_len) const uint8_t *payload, size_t payload_len)
{ {
int ret = -1; int ret = -1;
@ -1092,7 +1092,7 @@ int
hs_circ_send_introduce1(origin_circuit_t *intro_circ, hs_circ_send_introduce1(origin_circuit_t *intro_circ,
origin_circuit_t *rend_circ, origin_circuit_t *rend_circ,
const hs_desc_intro_point_t *ip, const hs_desc_intro_point_t *ip,
const uint8_t *subcredential) const hs_subcredential_t *subcredential)
{ {
int ret = -1; int ret = -1;
ssize_t payload_len; ssize_t payload_len;

5
src/feature/hs/hs_circuit.h
View File

@ -46,15 +46,16 @@ int hs_circ_handle_intro_established(const hs_service_t *service,
origin_circuit_t *circ, origin_circuit_t *circ,
const uint8_t *payload, const uint8_t *payload,
size_t payload_len); size_t payload_len);
struct hs_subcredential_t;
int hs_circ_handle_introduce2(const hs_service_t *service, int hs_circ_handle_introduce2(const hs_service_t *service,
const origin_circuit_t *circ, const origin_circuit_t *circ,
hs_service_intro_point_t *ip, hs_service_intro_point_t *ip,
const uint8_t *subcredential, const struct hs_subcredential_t *subcredential,
const uint8_t *payload, size_t payload_len); const uint8_t *payload, size_t payload_len);
int hs_circ_send_introduce1(origin_circuit_t *intro_circ, int hs_circ_send_introduce1(origin_circuit_t *intro_circ,
origin_circuit_t *rend_circ, origin_circuit_t *rend_circ,
const hs_desc_intro_point_t *ip, const hs_desc_intro_point_t *ip,
const uint8_t *subcredential); const struct hs_subcredential_t *subcredential);
int hs_circ_send_establish_rendezvous(origin_circuit_t *circ); int hs_circ_send_establish_rendezvous(origin_circuit_t *circ);
/* e2e circuit API. */ /* e2e circuit API. */

12
src/feature/hs/hs_client.c
View File

@ -641,7 +641,7 @@ send_introduce1(origin_circuit_t *intro_circ,
/* Send the INTRODUCE1 cell. */ /* Send the INTRODUCE1 cell. */
if (hs_circ_send_introduce1(intro_circ, rend_circ, ip, if (hs_circ_send_introduce1(intro_circ, rend_circ, ip,
desc->subcredential) < 0) { &desc->subcredential) < 0) {
if (TO_CIRCUIT(intro_circ)->marked_for_close) { if (TO_CIRCUIT(intro_circ)->marked_for_close) {
/* If the introduction circuit was closed, we were unable to send the /* If the introduction circuit was closed, we were unable to send the
* cell for some reasons. In any case, the intro circuit has to be * cell for some reasons. In any case, the intro circuit has to be
@ -1817,7 +1817,7 @@ hs_client_decode_descriptor(const char *desc_str,
hs_descriptor_t **desc) hs_descriptor_t **desc)
{ {
hs_desc_decode_status_t ret; hs_desc_decode_status_t ret;
uint8_t subcredential[DIGEST256_LEN]; hs_subcredential_t subcredential;
ed25519_public_key_t blinded_pubkey; ed25519_public_key_t blinded_pubkey;
hs_client_service_authorization_t *client_auth = NULL; hs_client_service_authorization_t *client_auth = NULL;
curve25519_secret_key_t *client_auht_sk = NULL; curve25519_secret_key_t *client_auht_sk = NULL;
@ -1837,13 +1837,14 @@ hs_client_decode_descriptor(const char *desc_str,
uint64_t current_time_period = hs_get_time_period_num(0); uint64_t current_time_period = hs_get_time_period_num(0);
hs_build_blinded_pubkey(service_identity_pk, NULL, 0, current_time_period, hs_build_blinded_pubkey(service_identity_pk, NULL, 0, current_time_period,
&blinded_pubkey); &blinded_pubkey);
hs_get_subcredential(service_identity_pk, &blinded_pubkey, subcredential); hs_get_subcredential(service_identity_pk, &blinded_pubkey, &
subcredential);
} }
/* Parse descriptor */ /* Parse descriptor */
ret = hs_desc_decode_descriptor(desc_str, subcredential, ret = hs_desc_decode_descriptor(desc_str, &subcredential,
client_auht_sk, desc); client_auht_sk, desc);
memwipe(subcredential, 0, sizeof(subcredential)); memwipe(&subcredential, 0, sizeof(subcredential));
if (ret != HS_DESC_DECODE_OK) { if (ret != HS_DESC_DECODE_OK) {
goto err; goto err;
} }
@ -2456,4 +2457,3 @@ set_hs_client_auths_map(digest256map_t *map)
} }
#endif /* defined(TOR_UNIT_TESTS) */ #endif /* defined(TOR_UNIT_TESTS) */

7
src/feature/hs/hs_common.c
View File

@ -808,12 +808,12 @@ hs_parse_address_impl(const char *address, ed25519_public_key_t *key_out,
} }
/** Using the given identity public key and a blinded public key, compute the /** Using the given identity public key and a blinded public key, compute the
* subcredential and put it in subcred_out (must be of size DIGEST256_LEN). * subcredential and put it in subcred_out.
* This can't fail. */ * This can't fail. */
void void
hs_get_subcredential(const ed25519_public_key_t *identity_pk, hs_get_subcredential(const ed25519_public_key_t *identity_pk,
const ed25519_public_key_t *blinded_pk, const ed25519_public_key_t *blinded_pk,
uint8_t *subcred_out) hs_subcredential_t *subcred_out)
{ {
uint8_t credential[DIGEST256_LEN]; uint8_t credential[DIGEST256_LEN];
crypto_digest_t *digest; crypto_digest_t *digest;
@ -841,7 +841,8 @@ hs_get_subcredential(const ed25519_public_key_t *identity_pk,
sizeof(credential)); sizeof(credential));
crypto_digest_add_bytes(digest, (const char *) blinded_pk->pubkey, crypto_digest_add_bytes(digest, (const char *) blinded_pk->pubkey,
ED25519_PUBKEY_LEN); ED25519_PUBKEY_LEN);
crypto_digest_get_digest(digest, (char *) subcred_out, DIGEST256_LEN); crypto_digest_get_digest(digest, (char *) subcred_out->subcred,
SUBCRED_LEN);
crypto_digest_free(digest); crypto_digest_free(digest);
memwipe(credential, 0, sizeof(credential)); memwipe(credential, 0, sizeof(credential));

3
src/feature/hs/hs_common.h
View File

@ -214,9 +214,10 @@ const uint8_t *rend_data_get_pk_digest(const rend_data_t *rend_data,
routerstatus_t *pick_hsdir(const char *desc_id, const char *desc_id_base32); routerstatus_t *pick_hsdir(const char *desc_id, const char *desc_id_base32);
struct hs_subcredential_t;
void hs_get_subcredential(const struct ed25519_public_key_t *identity_pk, void hs_get_subcredential(const struct ed25519_public_key_t *identity_pk,
const struct ed25519_public_key_t *blinded_pk, const struct ed25519_public_key_t *blinded_pk,
uint8_t *subcred_out); struct hs_subcredential_t *subcred_out);
uint64_t hs_get_previous_time_period_num(time_t now); uint64_t hs_get_previous_time_period_num(time_t now);
uint64_t hs_get_time_period_num(time_t now); uint64_t hs_get_time_period_num(time_t now);

24
src/feature/hs/hs_descriptor.c
View File

@ -211,7 +211,7 @@ build_secret_input(const hs_descriptor_t *desc,
memcpy(secret_input, secret_data, secret_data_len); memcpy(secret_input, secret_data, secret_data_len);
offset += secret_data_len; offset += secret_data_len;
/* Copy subcredential. */ /* Copy subcredential. */
memcpy(secret_input + offset, desc->subcredential, DIGEST256_LEN); memcpy(secret_input + offset, desc->subcredential.subcred, DIGEST256_LEN);
offset += DIGEST256_LEN; offset += DIGEST256_LEN;
/* Copy revision counter value. */ /* Copy revision counter value. */
set_uint64(secret_input + offset, set_uint64(secret_input + offset,
@ -1018,9 +1018,11 @@ desc_encode_v3(const hs_descriptor_t *desc,
tor_assert(encoded_out); tor_assert(encoded_out);
tor_assert(desc->plaintext_data.version == 3); tor_assert(desc->plaintext_data.version == 3);
/* This is impossible; this is a member of desc.
if (BUG(desc->subcredential == NULL)) { if (BUG(desc->subcredential == NULL)) {
goto err; goto err;
} }
*/
/* Build the non-encrypted values. */ /* Build the non-encrypted values. */
{ {
@ -1366,8 +1368,7 @@ encrypted_data_length_is_valid(size_t len)
* and return the buffer's length. The caller should wipe and free its content * and return the buffer's length. The caller should wipe and free its content
* once done with it. This function can't fail. */ * once done with it. This function can't fail. */
static size_t static size_t
build_descriptor_cookie_keys(const uint8_t *subcredential, build_descriptor_cookie_keys(const hs_subcredential_t *subcredential,
size_t subcredential_len,
const curve25519_secret_key_t *sk, const curve25519_secret_key_t *sk,
const curve25519_public_key_t *pk, const curve25519_public_key_t *pk,
uint8_t **keys_out) uint8_t **keys_out)
@ -1389,7 +1390,7 @@ build_descriptor_cookie_keys(const uint8_t *subcredential,
/* Calculate KEYS = KDF(subcredential | SECRET_SEED, 40) */ /* Calculate KEYS = KDF(subcredential | SECRET_SEED, 40) */
xof = crypto_xof_new(); xof = crypto_xof_new();
crypto_xof_add_bytes(xof, subcredential, subcredential_len); crypto_xof_add_bytes(xof, subcredential->subcred, SUBCRED_LEN);
crypto_xof_add_bytes(xof, secret_seed, sizeof(secret_seed)); crypto_xof_add_bytes(xof, secret_seed, sizeof(secret_seed));
crypto_xof_squeeze_bytes(xof, keystream, keystream_len); crypto_xof_squeeze_bytes(xof, keystream, keystream_len);
crypto_xof_free(xof); crypto_xof_free(xof);
@ -1426,11 +1427,12 @@ decrypt_descriptor_cookie(const hs_descriptor_t *desc,
sizeof(desc->superencrypted_data.auth_ephemeral_pubkey))); sizeof(desc->superencrypted_data.auth_ephemeral_pubkey)));
tor_assert(!fast_mem_is_zero((char *) client_auth_sk, tor_assert(!fast_mem_is_zero((char *) client_auth_sk,
sizeof(*client_auth_sk))); sizeof(*client_auth_sk)));
tor_assert(!fast_mem_is_zero((char *) desc->subcredential, DIGEST256_LEN)); tor_assert(!fast_mem_is_zero((char *) desc->subcredential.subcred,
DIGEST256_LEN));
/* Get the KEYS component to derive the CLIENT-ID and COOKIE-KEY. */ /* Get the KEYS component to derive the CLIENT-ID and COOKIE-KEY. */
keystream_length = keystream_length =
build_descriptor_cookie_keys(desc->subcredential, DIGEST256_LEN, build_descriptor_cookie_keys(&desc->subcredential,
client_auth_sk, client_auth_sk,
&desc->superencrypted_data.auth_ephemeral_pubkey, &desc->superencrypted_data.auth_ephemeral_pubkey,
&keystream); &keystream);
@ -2558,7 +2560,7 @@ hs_desc_decode_plaintext(const char *encoded,
* set to NULL. */ * set to NULL. */
hs_desc_decode_status_t hs_desc_decode_status_t
hs_desc_decode_descriptor(const char *encoded, hs_desc_decode_descriptor(const char *encoded,
const uint8_t *subcredential, const hs_subcredential_t *subcredential,
const curve25519_secret_key_t *client_auth_sk, const curve25519_secret_key_t *client_auth_sk,
hs_descriptor_t **desc_out) hs_descriptor_t **desc_out)
{ {
@ -2576,7 +2578,7 @@ hs_desc_decode_descriptor(const char *encoded,
goto err; goto err;
} }
memcpy(desc->subcredential, subcredential, sizeof(desc->subcredential)); memcpy(&desc->subcredential, subcredential, sizeof(desc->subcredential));
ret = hs_desc_decode_plaintext(encoded, &desc->plaintext_data); ret = hs_desc_decode_plaintext(encoded, &desc->plaintext_data);
if (ret != HS_DESC_DECODE_OK) { if (ret != HS_DESC_DECODE_OK) {
@ -2666,7 +2668,7 @@ hs_desc_encode_descriptor,(const hs_descriptor_t *desc,
* symmetric only if the client auth is disabled. That is, the descriptor * symmetric only if the client auth is disabled. That is, the descriptor
* cookie will be NULL. */ * cookie will be NULL. */
if (!descriptor_cookie) { if (!descriptor_cookie) {
ret = hs_desc_decode_descriptor(*encoded_out, desc->subcredential, ret = hs_desc_decode_descriptor(*encoded_out, &desc->subcredential,
NULL, NULL); NULL, NULL);
if (BUG(ret != HS_DESC_DECODE_OK)) { if (BUG(ret != HS_DESC_DECODE_OK)) {
ret = -1; ret = -1;
@ -2870,7 +2872,7 @@ hs_desc_build_fake_authorized_client(void)
* key, and descriptor cookie, build the auth client so we can then encode the * key, and descriptor cookie, build the auth client so we can then encode the
* descriptor for publication. client_out must be already allocated. */ * descriptor for publication. client_out must be already allocated. */
void void
hs_desc_build_authorized_client(const uint8_t *subcredential, hs_desc_build_authorized_client(const hs_subcredential_t *subcredential,
const curve25519_public_key_t *client_auth_pk, const curve25519_public_key_t *client_auth_pk,
const curve25519_secret_key_t * const curve25519_secret_key_t *
auth_ephemeral_sk, auth_ephemeral_sk,
@ -2898,7 +2900,7 @@ hs_desc_build_authorized_client(const uint8_t *subcredential,
/* Get the KEYS part so we can derive the CLIENT-ID and COOKIE-KEY. */ /* Get the KEYS part so we can derive the CLIENT-ID and COOKIE-KEY. */
keystream_length = keystream_length =
build_descriptor_cookie_keys(subcredential, DIGEST256_LEN, build_descriptor_cookie_keys(subcredential,
auth_ephemeral_sk, client_auth_pk, auth_ephemeral_sk, client_auth_pk,
&keystream); &keystream);
tor_assert(keystream_length > 0); tor_assert(keystream_length > 0);

7
src/feature/hs/hs_descriptor.h
View File

@ -14,6 +14,7 @@
#include "core/or/or.h" #include "core/or/or.h"
#include "trunnel/ed25519_cert.h" /* needed for trunnel */ #include "trunnel/ed25519_cert.h" /* needed for trunnel */
#include "feature/nodelist/torcert.h" #include "feature/nodelist/torcert.h"
#include "core/crypto/hs_ntor.h" /* for hs_subcredential_t */
/* Trunnel */ /* Trunnel */
struct link_specifier_t; struct link_specifier_t;
@ -238,7 +239,7 @@ typedef struct hs_descriptor_t {
/** Subcredentials of a service, used by the client and service to decrypt /** Subcredentials of a service, used by the client and service to decrypt
* the encrypted data. */ * the encrypted data. */
uint8_t subcredential[DIGEST256_LEN]; hs_subcredential_t subcredential;
} hs_descriptor_t; } hs_descriptor_t;
/** Return true iff the given descriptor format version is supported. */ /** Return true iff the given descriptor format version is supported. */
@ -277,7 +278,7 @@ MOCK_DECL(int,
char **encoded_out)); char **encoded_out));
int hs_desc_decode_descriptor(const char *encoded, int hs_desc_decode_descriptor(const char *encoded,
const uint8_t *subcredential, const hs_subcredential_t *subcredential,
const curve25519_secret_key_t *client_auth_sk, const curve25519_secret_key_t *client_auth_sk,
hs_descriptor_t **desc_out); hs_descriptor_t **desc_out);
int hs_desc_decode_plaintext(const char *encoded, int hs_desc_decode_plaintext(const char *encoded,
@ -302,7 +303,7 @@ void hs_desc_authorized_client_free_(hs_desc_authorized_client_t *client);
hs_desc_authorized_client_t *hs_desc_build_fake_authorized_client(void); hs_desc_authorized_client_t *hs_desc_build_fake_authorized_client(void);
void hs_desc_build_authorized_client(const uint8_t *subcredential, void hs_desc_build_authorized_client(const hs_subcredential_t *subcredential,
const curve25519_public_key_t * const curve25519_public_key_t *
client_auth_pk, client_auth_pk,
const curve25519_secret_key_t * const curve25519_secret_key_t *

12
src/feature/hs/hs_ob.c
View File

@ -178,7 +178,7 @@ ob_option_parse(hs_service_config_t *config, const ob_options_t *opts)
* least DIGEST256_LEN in size. */ * least DIGEST256_LEN in size. */
static void static void
build_subcredential(const ed25519_public_key_t *pkey, uint64_t tp, build_subcredential(const ed25519_public_key_t *pkey, uint64_t tp,
uint8_t *subcredential) hs_subcredential_t *subcredential)
{ {
ed25519_public_key_t blinded_pubkey; ed25519_public_key_t blinded_pubkey;
@ -275,13 +275,12 @@ hs_ob_parse_config_file(hs_service_config_t *config)
* Otherwise, this can't fail. */ * Otherwise, this can't fail. */
size_t size_t
hs_ob_get_subcredentials(const hs_service_config_t *config, hs_ob_get_subcredentials(const hs_service_config_t *config,
uint8_t **subcredentials) hs_subcredential_t **subcredentials)
{ {
unsigned int num_pkeys, idx = 0; unsigned int num_pkeys, idx = 0;
uint8_t *subcreds = NULL; hs_subcredential_t *subcreds = NULL;
const int steps[3] = {0, -1, 1}; const int steps[3] = {0, -1, 1};
const unsigned int num_steps = ARRAY_LENGTH(steps); const unsigned int num_steps = ARRAY_LENGTH(steps);
const size_t subcred_len = DIGEST256_LEN;
const uint64_t tp = hs_get_time_period_num(0); const uint64_t tp = hs_get_time_period_num(0);
tor_assert(config); tor_assert(config);
@ -319,14 +318,13 @@ hs_ob_get_subcredentials(const hs_service_config_t *config,
* number of time period we need to compute and finally multiplied by the * number of time period we need to compute and finally multiplied by the
* total number of keys we are about to process. In other words, for each * total number of keys we are about to process. In other words, for each
* key, we allocate 3 subcredential slots. */ * key, we allocate 3 subcredential slots. */
subcreds = tor_malloc_zero(subcred_len * num_steps * num_pkeys); subcreds = tor_calloc(num_steps * num_pkeys, sizeof(hs_subcredential_t));
/* For each time period step. */ /* For each time period step. */
for (unsigned int i = 0; i < num_steps; i++) { for (unsigned int i = 0; i < num_steps; i++) {
SMARTLIST_FOREACH_BEGIN(config->ob_master_pubkeys, SMARTLIST_FOREACH_BEGIN(config->ob_master_pubkeys,
const ed25519_public_key_t *, pkey) { const ed25519_public_key_t *, pkey) {
build_subcredential(pkey, tp + steps[i], build_subcredential(pkey, tp + steps[i], &subcreds[idx]);
&(subcreds[idx * subcred_len]));
idx++; idx++;
} SMARTLIST_FOREACH_END(pkey); } SMARTLIST_FOREACH_END(pkey);
} }

3
src/feature/hs/hs_ob.h
View File

@ -15,8 +15,9 @@ bool hs_ob_service_is_instance(const hs_service_t *service);
int hs_ob_parse_config_file(hs_service_config_t *config); int hs_ob_parse_config_file(hs_service_config_t *config);
struct hs_subcredential_t;
size_t hs_ob_get_subcredentials(const hs_service_config_t *config, size_t hs_ob_get_subcredentials(const hs_service_config_t *config,
uint8_t **subcredentials); struct hs_subcredential_t **subcredentials);
#ifdef HS_OB_PRIVATE #ifdef HS_OB_PRIVATE

9
src/feature/hs/hs_service.c
View File

@ -1769,7 +1769,8 @@ build_service_desc_superencrypted(const hs_service_t *service,
sizeof(curve25519_public_key_t)); sizeof(curve25519_public_key_t));
/* Test that subcred is not zero because we might use it below */ /* Test that subcred is not zero because we might use it below */
if (BUG(fast_mem_is_zero((char*)desc->desc->subcredential, DIGEST256_LEN))) { if (BUG(fast_mem_is_zero((char*)desc->desc->subcredential.subcred,
DIGEST256_LEN))) {
return -1; return -1;
} }
@ -1786,7 +1787,7 @@ build_service_desc_superencrypted(const hs_service_t *service,
/* Prepare the client for descriptor and then add to the list in the /* Prepare the client for descriptor and then add to the list in the
* superencrypted part of the descriptor */ * superencrypted part of the descriptor */
hs_desc_build_authorized_client(desc->desc->subcredential, hs_desc_build_authorized_client(&desc->desc->subcredential,
&client->client_pk, &client->client_pk,
&desc->auth_ephemeral_kp.seckey, &desc->auth_ephemeral_kp.seckey,
desc->descriptor_cookie, desc_client); desc->descriptor_cookie, desc_client);
@ -1842,7 +1843,7 @@ build_service_desc_plaintext(const hs_service_t *service,
/* Set the subcredential. */ /* Set the subcredential. */
hs_get_subcredential(&service->keys.identity_pk, &desc->blinded_kp.pubkey, hs_get_subcredential(&service->keys.identity_pk, &desc->blinded_kp.pubkey,
desc->desc->subcredential); &desc->desc->subcredential);
plaintext = &desc->desc->plaintext_data; plaintext = &desc->desc->plaintext_data;
@ -3374,7 +3375,7 @@ service_handle_introduce2(origin_circuit_t *circ, const uint8_t *payload,
/* The following will parse, decode and launch the rendezvous point circuit. /* The following will parse, decode and launch the rendezvous point circuit.
* Both current and legacy cells are handled. */ * Both current and legacy cells are handled. */
if (hs_circ_handle_introduce2(service, circ, ip, desc->desc->subcredential, if (hs_circ_handle_introduce2(service, circ, ip, &desc->desc->subcredential,
payload, payload_len) < 0) { payload, payload_len) < 0) {
goto err; goto err;
} }

7
src/test/fuzz/fuzz_hsdescv3.c
View File

@ -85,12 +85,12 @@ int
fuzz_main(const uint8_t *data, size_t sz) fuzz_main(const uint8_t *data, size_t sz)
{ {
hs_descriptor_t *desc = NULL; hs_descriptor_t *desc = NULL;
uint8_t subcredential[DIGEST256_LEN]; hs_subcredential_t subcredential;
char *fuzzing_data = tor_memdup_nulterm(data, sz); char *fuzzing_data = tor_memdup_nulterm(data, sz);
memset(subcredential, 'A', sizeof(subcredential)); memset(&subcredential, 'A', sizeof(subcredential));
hs_desc_decode_descriptor(fuzzing_data, subcredential, NULL, &desc); hs_desc_decode_descriptor(fuzzing_data, &subcredential, NULL, &desc);
if (desc) { if (desc) {
log_debug(LD_GENERAL, "Decoding okay"); log_debug(LD_GENERAL, "Decoding okay");
hs_descriptor_free(desc); hs_descriptor_free(desc);
@ -101,4 +101,3 @@ fuzz_main(const uint8_t *data, size_t sz)
tor_free(fuzzing_data); tor_free(fuzzing_data);
return 0; return 0;
} }

6
src/test/hs_test_helpers.c
View File

@ -140,7 +140,7 @@ hs_helper_build_hs_desc_impl(unsigned int no_ip,
desc->plaintext_data.lifetime_sec = 3 * 60 * 60; desc->plaintext_data.lifetime_sec = 3 * 60 * 60;
hs_get_subcredential(&signing_kp->pubkey, &blinded_kp.pubkey, hs_get_subcredential(&signing_kp->pubkey, &blinded_kp.pubkey,
desc->subcredential); &desc->subcredential);
/* Setup superencrypted data section. */ /* Setup superencrypted data section. */
ret = curve25519_keypair_generate(&auth_ephemeral_kp, 0); ret = curve25519_keypair_generate(&auth_ephemeral_kp, 0);
@ -186,7 +186,7 @@ hs_helper_build_hs_desc_impl(unsigned int no_ip,
* an HS. Used to decrypt descriptors in unittests. */ * an HS. Used to decrypt descriptors in unittests. */
void void
hs_helper_get_subcred_from_identity_keypair(ed25519_keypair_t *signing_kp, hs_helper_get_subcred_from_identity_keypair(ed25519_keypair_t *signing_kp,
uint8_t *subcred_out) hs_subcredential_t *subcred_out)
{ {
ed25519_keypair_t blinded_kp; ed25519_keypair_t blinded_kp;
uint64_t current_time_period = hs_get_time_period_num(approx_time()); uint64_t current_time_period = hs_get_time_period_num(approx_time());
@ -233,7 +233,7 @@ hs_helper_build_hs_desc_with_client_auth(
memcpy(&desc->superencrypted_data.auth_ephemeral_pubkey, memcpy(&desc->superencrypted_data.auth_ephemeral_pubkey,
&auth_ephemeral_kp.pubkey, sizeof(curve25519_public_key_t)); &auth_ephemeral_kp.pubkey, sizeof(curve25519_public_key_t));
hs_desc_build_authorized_client(desc->subcredential, client_pk, hs_desc_build_authorized_client(&desc->subcredential, client_pk,
&auth_ephemeral_kp.seckey, &auth_ephemeral_kp.seckey,
descriptor_cookie, desc_client); descriptor_cookie, desc_client);
smartlist_add(desc->superencrypted_data.clients, desc_client); smartlist_add(desc->superencrypted_data.clients, desc_client);

7
src/test/hs_test_helpers.h
View File

@ -21,12 +21,11 @@ hs_descriptor_t *hs_helper_build_hs_desc_with_client_auth(
const ed25519_keypair_t *signing_kp); const ed25519_keypair_t *signing_kp);
void hs_helper_desc_equal(const hs_descriptor_t *desc1, void hs_helper_desc_equal(const hs_descriptor_t *desc1,
const hs_descriptor_t *desc2); const hs_descriptor_t *desc2);
void struct hs_subcredential_t;
hs_helper_get_subcred_from_identity_keypair(ed25519_keypair_t *signing_kp, void hs_helper_get_subcred_from_identity_keypair(ed25519_keypair_t *signing_kp,
uint8_t *subcred_out); struct hs_subcredential_t *subcred_out);
void hs_helper_add_client_auth(const ed25519_public_key_t *service_pk, void hs_helper_add_client_auth(const ed25519_public_key_t *service_pk,
const curve25519_secret_key_t *client_sk); const curve25519_secret_key_t *client_sk);
#endif /* !defined(TOR_HS_TEST_HELPERS_H) */ #endif /* !defined(TOR_HS_TEST_HELPERS_H) */

21
src/test/test_hs_cache.c
View File

@ -370,7 +370,7 @@ test_hsdir_revision_counter_check(void *arg)
hs_descriptor_t *published_desc = NULL; hs_descriptor_t *published_desc = NULL;
char *published_desc_str = NULL; char *published_desc_str = NULL;
uint8_t subcredential[DIGEST256_LEN]; hs_subcredential_t subcredential;
char *received_desc_str = NULL; char *received_desc_str = NULL;
hs_descriptor_t *received_desc = NULL; hs_descriptor_t *received_desc = NULL;
@ -407,11 +407,11 @@ test_hsdir_revision_counter_check(void *arg)
const ed25519_public_key_t *blinded_key; const ed25519_public_key_t *blinded_key;
blinded_key = &published_desc->plaintext_data.blinded_pubkey; blinded_key = &published_desc->plaintext_data.blinded_pubkey;
hs_get_subcredential(&signing_kp.pubkey, blinded_key, subcredential); hs_get_subcredential(&signing_kp.pubkey, blinded_key, &subcredential);
received_desc_str = helper_fetch_desc_from_hsdir(blinded_key); received_desc_str = helper_fetch_desc_from_hsdir(blinded_key);
retval = hs_desc_decode_descriptor(received_desc_str, retval = hs_desc_decode_descriptor(received_desc_str,
subcredential, NULL, &received_desc); &subcredential, NULL, &received_desc);
tt_int_op(retval, OP_EQ, HS_DESC_DECODE_OK); tt_int_op(retval, OP_EQ, HS_DESC_DECODE_OK);
tt_assert(received_desc); tt_assert(received_desc);
@ -444,7 +444,7 @@ test_hsdir_revision_counter_check(void *arg)
received_desc_str = helper_fetch_desc_from_hsdir(blinded_key); received_desc_str = helper_fetch_desc_from_hsdir(blinded_key);
retval = hs_desc_decode_descriptor(received_desc_str, retval = hs_desc_decode_descriptor(received_desc_str,
subcredential, NULL, &received_desc); &subcredential, NULL, &received_desc);
tt_int_op(retval, OP_EQ, HS_DESC_DECODE_OK); tt_int_op(retval, OP_EQ, HS_DESC_DECODE_OK);
tt_assert(received_desc); tt_assert(received_desc);
@ -476,7 +476,7 @@ test_client_cache(void *arg)
ed25519_keypair_t signing_kp; ed25519_keypair_t signing_kp;
hs_descriptor_t *published_desc = NULL; hs_descriptor_t *published_desc = NULL;
char *published_desc_str = NULL; char *published_desc_str = NULL;
uint8_t wanted_subcredential[DIGEST256_LEN]; hs_subcredential_t wanted_subcredential;
response_handler_args_t *args = NULL; response_handler_args_t *args = NULL;
dir_connection_t *conn = NULL; dir_connection_t *conn = NULL;
@ -505,8 +505,10 @@ test_client_cache(void *arg)
retval = hs_desc_encode_descriptor(published_desc, &signing_kp, retval = hs_desc_encode_descriptor(published_desc, &signing_kp,
NULL, &published_desc_str); NULL, &published_desc_str);
tt_int_op(retval, OP_EQ, 0); tt_int_op(retval, OP_EQ, 0);
memcpy(wanted_subcredential, published_desc->subcredential, DIGEST256_LEN); memcpy(&wanted_subcredential, &published_desc->subcredential,
tt_assert(!fast_mem_is_zero((char*)wanted_subcredential, DIGEST256_LEN)); sizeof(hs_subcredential_t));
tt_assert(!fast_mem_is_zero((char*)wanted_subcredential.subcred,
DIGEST256_LEN));
} }
/* Test handle_response_fetch_hsdesc_v3() */ /* Test handle_response_fetch_hsdesc_v3() */
@ -540,8 +542,9 @@ test_client_cache(void *arg)
const hs_descriptor_t *cached_desc = NULL; const hs_descriptor_t *cached_desc = NULL;
cached_desc = hs_cache_lookup_as_client(&signing_kp.pubkey); cached_desc = hs_cache_lookup_as_client(&signing_kp.pubkey);
tt_assert(cached_desc); tt_assert(cached_desc);
tt_mem_op(cached_desc->subcredential, OP_EQ, wanted_subcredential, tt_mem_op(cached_desc->subcredential.subcred,
DIGEST256_LEN); OP_EQ, wanted_subcredential.subcred,
SUBCRED_LEN);
} }
/* Progress time to next TP and check that desc was cleaned */ /* Progress time to next TP and check that desc was cleaned */

7
src/test/test_hs_client.c
View File

@ -416,9 +416,10 @@ test_client_pick_intro(void *arg)
const hs_descriptor_t *fetched_desc = const hs_descriptor_t *fetched_desc =
hs_cache_lookup_as_client(&service_kp.pubkey); hs_cache_lookup_as_client(&service_kp.pubkey);
tt_assert(fetched_desc); tt_assert(fetched_desc);
tt_mem_op(fetched_desc->subcredential, OP_EQ, desc->subcredential, tt_mem_op(fetched_desc->subcredential.subcred,
DIGEST256_LEN); OP_EQ, desc->subcredential.subcred,
tt_assert(!fast_mem_is_zero((char*)fetched_desc->subcredential, SUBCRED_LEN);
tt_assert(!fast_mem_is_zero((char*)fetched_desc->subcredential.subcred,
DIGEST256_LEN)); DIGEST256_LEN));
tor_free(encoded); tor_free(encoded);
} }

28
src/test/test_hs_descriptor.c
View File

@ -221,7 +221,7 @@ test_decode_descriptor(void *arg)
hs_descriptor_t *desc = NULL; hs_descriptor_t *desc = NULL;
hs_descriptor_t *decoded = NULL; hs_descriptor_t *decoded = NULL;
hs_descriptor_t *desc_no_ip = NULL; hs_descriptor_t *desc_no_ip = NULL;
uint8_t subcredential[DIGEST256_LEN]; hs_subcredential_t subcredential;
(void) arg; (void) arg;
@ -230,10 +230,10 @@ test_decode_descriptor(void *arg)
desc = hs_helper_build_hs_desc_with_ip(&signing_kp); desc = hs_helper_build_hs_desc_with_ip(&signing_kp);
hs_helper_get_subcred_from_identity_keypair(&signing_kp, hs_helper_get_subcred_from_identity_keypair(&signing_kp,
subcredential); &subcredential);
/* Give some bad stuff to the decoding function. */ /* Give some bad stuff to the decoding function. */
ret = hs_desc_decode_descriptor("hladfjlkjadf", subcredential, ret = hs_desc_decode_descriptor("hladfjlkjadf", &subcredential,
NULL, &decoded); NULL, &decoded);
tt_int_op(ret, OP_EQ, HS_DESC_DECODE_PLAINTEXT_ERROR); tt_int_op(ret, OP_EQ, HS_DESC_DECODE_PLAINTEXT_ERROR);
@ -241,7 +241,7 @@ test_decode_descriptor(void *arg)
tt_int_op(ret, OP_EQ, HS_DESC_DECODE_OK); tt_int_op(ret, OP_EQ, HS_DESC_DECODE_OK);
tt_assert(encoded); tt_assert(encoded);
ret = hs_desc_decode_descriptor(encoded, subcredential, NULL, &decoded); ret = hs_desc_decode_descriptor(encoded, &subcredential, NULL, &decoded);
tt_int_op(ret, OP_EQ, HS_DESC_DECODE_OK); tt_int_op(ret, OP_EQ, HS_DESC_DECODE_OK);
tt_assert(decoded); tt_assert(decoded);
@ -253,7 +253,7 @@ test_decode_descriptor(void *arg)
ret = ed25519_keypair_generate(&signing_kp_no_ip, 0); ret = ed25519_keypair_generate(&signing_kp_no_ip, 0);
tt_int_op(ret, OP_EQ, 0); tt_int_op(ret, OP_EQ, 0);
hs_helper_get_subcred_from_identity_keypair(&signing_kp_no_ip, hs_helper_get_subcred_from_identity_keypair(&signing_kp_no_ip,
subcredential); &subcredential);
desc_no_ip = hs_helper_build_hs_desc_no_ip(&signing_kp_no_ip); desc_no_ip = hs_helper_build_hs_desc_no_ip(&signing_kp_no_ip);
tt_assert(desc_no_ip); tt_assert(desc_no_ip);
tor_free(encoded); tor_free(encoded);
@ -262,7 +262,7 @@ test_decode_descriptor(void *arg)
tt_int_op(ret, OP_EQ, 0); tt_int_op(ret, OP_EQ, 0);
tt_assert(encoded); tt_assert(encoded);
hs_descriptor_free(decoded); hs_descriptor_free(decoded);
ret = hs_desc_decode_descriptor(encoded, subcredential, NULL, &decoded); ret = hs_desc_decode_descriptor(encoded, &subcredential, NULL, &decoded);
tt_int_op(ret, OP_EQ, HS_DESC_DECODE_OK); tt_int_op(ret, OP_EQ, HS_DESC_DECODE_OK);
tt_assert(decoded); tt_assert(decoded);
} }
@ -286,14 +286,14 @@ test_decode_descriptor(void *arg)
&auth_ephemeral_kp.pubkey, CURVE25519_PUBKEY_LEN); &auth_ephemeral_kp.pubkey, CURVE25519_PUBKEY_LEN);
hs_helper_get_subcred_from_identity_keypair(&signing_kp, hs_helper_get_subcred_from_identity_keypair(&signing_kp,
subcredential); &subcredential);
/* Build and add the auth client to the descriptor. */ /* Build and add the auth client to the descriptor. */
clients = desc->superencrypted_data.clients; clients = desc->superencrypted_data.clients;
if (!clients) { if (!clients) {
clients = smartlist_new(); clients = smartlist_new();
} }
hs_desc_build_authorized_client(subcredential, hs_desc_build_authorized_client(&subcredential,
&client_kp.pubkey, &client_kp.pubkey,
&auth_ephemeral_kp.seckey, &auth_ephemeral_kp.seckey,
descriptor_cookie, client); descriptor_cookie, client);
@ -315,21 +315,21 @@ test_decode_descriptor(void *arg)
/* If we do not have the client secret key, the decoding must fail. */ /* If we do not have the client secret key, the decoding must fail. */
hs_descriptor_free(decoded); hs_descriptor_free(decoded);
ret = hs_desc_decode_descriptor(encoded, subcredential, ret = hs_desc_decode_descriptor(encoded, &subcredential,
NULL, &decoded); NULL, &decoded);
tt_int_op(ret, OP_EQ, HS_DESC_DECODE_NEED_CLIENT_AUTH); tt_int_op(ret, OP_EQ, HS_DESC_DECODE_NEED_CLIENT_AUTH);
tt_assert(!decoded); tt_assert(!decoded);
/* If we have an invalid client secret key, the decoding must fail. */ /* If we have an invalid client secret key, the decoding must fail. */
hs_descriptor_free(decoded); hs_descriptor_free(decoded);
ret = hs_desc_decode_descriptor(encoded, subcredential, ret = hs_desc_decode_descriptor(encoded, &subcredential,
&invalid_client_kp.seckey, &decoded); &invalid_client_kp.seckey, &decoded);
tt_int_op(ret, OP_EQ, HS_DESC_DECODE_BAD_CLIENT_AUTH); tt_int_op(ret, OP_EQ, HS_DESC_DECODE_BAD_CLIENT_AUTH);
tt_assert(!decoded); tt_assert(!decoded);
/* If we have the client secret key, the decoding must succeed and the /* If we have the client secret key, the decoding must succeed and the
* decoded descriptor must be correct. */ * decoded descriptor must be correct. */
ret = hs_desc_decode_descriptor(encoded, subcredential, ret = hs_desc_decode_descriptor(encoded, &subcredential,
&client_kp.seckey, &decoded); &client_kp.seckey, &decoded);
tt_int_op(ret, OP_EQ, HS_DESC_DECODE_OK); tt_int_op(ret, OP_EQ, HS_DESC_DECODE_OK);
tt_assert(decoded); tt_assert(decoded);
@ -762,7 +762,7 @@ test_build_authorized_client(void *arg)
"07d087f1d8c68393721f6e70316d3b29"; "07d087f1d8c68393721f6e70316d3b29";
const char client_pubkey_b16[] = const char client_pubkey_b16[] =
"8c1298fa6050e372f8598f6deca32e27b0ad457741422c2629ebb132cf7fae37"; "8c1298fa6050e372f8598f6deca32e27b0ad457741422c2629ebb132cf7fae37";
uint8_t subcredential[DIGEST256_LEN]; hs_subcredential_t subcredential;
char *mem_op_hex_tmp=NULL; char *mem_op_hex_tmp=NULL;
(void) arg; (void) arg;
@ -774,7 +774,7 @@ test_build_authorized_client(void *arg)
tt_int_op(ret, OP_EQ, 0); tt_int_op(ret, OP_EQ, 0);
curve25519_public_key_generate(&client_auth_pk, &client_auth_sk); curve25519_public_key_generate(&client_auth_pk, &client_auth_sk);
memset(subcredential, 42, sizeof(subcredential)); memset(subcredential.subcred, 42, sizeof(subcredential));
desc_client = tor_malloc_zero(sizeof(hs_desc_authorized_client_t)); desc_client = tor_malloc_zero(sizeof(hs_desc_authorized_client_t));
@ -795,7 +795,7 @@ test_build_authorized_client(void *arg)
testing_enable_prefilled_rng("\x01", 1); testing_enable_prefilled_rng("\x01", 1);
hs_desc_build_authorized_client(subcredential, hs_desc_build_authorized_client(&subcredential,
&client_auth_pk, &auth_ephemeral_sk, &client_auth_pk, &auth_ephemeral_sk,
descriptor_cookie, desc_client); descriptor_cookie, desc_client);

8
src/test/test_hs_ntor.c
View File

@ -23,7 +23,7 @@ test_hs_ntor(void *arg)
{ {
int retval; int retval;
uint8_t subcredential[DIGEST256_LEN]; hs_subcredential_t subcredential;
ed25519_keypair_t service_intro_auth_keypair; ed25519_keypair_t service_intro_auth_keypair;
curve25519_keypair_t service_intro_enc_keypair; curve25519_keypair_t service_intro_enc_keypair;
@ -42,7 +42,7 @@ test_hs_ntor(void *arg)
/* Generate fake data for this unittest */ /* Generate fake data for this unittest */
{ {
/* Generate fake subcredential */ /* Generate fake subcredential */
memset(subcredential, 'Z', DIGEST256_LEN); memset(subcredential.subcred, 'Z', DIGEST256_LEN);
/* service */ /* service */
curve25519_keypair_generate(&service_intro_enc_keypair, 0); curve25519_keypair_generate(&service_intro_enc_keypair, 0);
@ -57,7 +57,7 @@ test_hs_ntor(void *arg)
hs_ntor_client_get_introduce1_keys(&service_intro_auth_keypair.pubkey, hs_ntor_client_get_introduce1_keys(&service_intro_auth_keypair.pubkey,
&service_intro_enc_keypair.pubkey, &service_intro_enc_keypair.pubkey,
&client_ephemeral_enc_keypair, &client_ephemeral_enc_keypair,
subcredential, &subcredential,
&client_hs_ntor_intro_cell_keys); &client_hs_ntor_intro_cell_keys);
tt_int_op(retval, OP_EQ, 0); tt_int_op(retval, OP_EQ, 0);
@ -66,7 +66,7 @@ test_hs_ntor(void *arg)
hs_ntor_service_get_introduce1_keys(&service_intro_auth_keypair.pubkey, hs_ntor_service_get_introduce1_keys(&service_intro_auth_keypair.pubkey,
&service_intro_enc_keypair, &service_intro_enc_keypair,
&client_ephemeral_enc_keypair.pubkey, &client_ephemeral_enc_keypair.pubkey,
subcredential, &subcredential,
&service_hs_ntor_intro_cell_keys); &service_hs_ntor_intro_cell_keys);
tt_int_op(retval, OP_EQ, 0); tt_int_op(retval, OP_EQ, 0);

16
src/test/test_hs_ntor_cl.c
View File

@ -53,7 +53,7 @@ client1(int argc, char **argv)
curve25519_public_key_t intro_enc_pubkey; curve25519_public_key_t intro_enc_pubkey;
ed25519_public_key_t intro_auth_pubkey; ed25519_public_key_t intro_auth_pubkey;
curve25519_keypair_t client_ephemeral_enc_keypair; curve25519_keypair_t client_ephemeral_enc_keypair;
uint8_t subcredential[DIGEST256_LEN]; hs_subcredential_t subcredential;
/* Output */ /* Output */
hs_ntor_intro_cell_keys_t hs_ntor_intro_cell_keys; hs_ntor_intro_cell_keys_t hs_ntor_intro_cell_keys;
@ -65,7 +65,7 @@ client1(int argc, char **argv)
BASE16(3, intro_enc_pubkey.public_key, CURVE25519_PUBKEY_LEN); BASE16(3, intro_enc_pubkey.public_key, CURVE25519_PUBKEY_LEN);
BASE16(4, client_ephemeral_enc_keypair.seckey.secret_key, BASE16(4, client_ephemeral_enc_keypair.seckey.secret_key,
CURVE25519_SECKEY_LEN); CURVE25519_SECKEY_LEN);
BASE16(5, subcredential, DIGEST256_LEN); BASE16(5, subcredential.subcred, DIGEST256_LEN);
/* Generate keypair */ /* Generate keypair */
curve25519_public_key_generate(&client_ephemeral_enc_keypair.pubkey, curve25519_public_key_generate(&client_ephemeral_enc_keypair.pubkey,
@ -74,7 +74,7 @@ client1(int argc, char **argv)
retval = hs_ntor_client_get_introduce1_keys(&intro_auth_pubkey, retval = hs_ntor_client_get_introduce1_keys(&intro_auth_pubkey,
&intro_enc_pubkey, &intro_enc_pubkey,
&client_ephemeral_enc_keypair, &client_ephemeral_enc_keypair,
subcredential, &subcredential,
&hs_ntor_intro_cell_keys); &hs_ntor_intro_cell_keys);
if (retval < 0) { if (retval < 0) {
goto done; goto done;
@ -106,7 +106,7 @@ server1(int argc, char **argv)
curve25519_keypair_t intro_enc_keypair; curve25519_keypair_t intro_enc_keypair;
ed25519_public_key_t intro_auth_pubkey; ed25519_public_key_t intro_auth_pubkey;
curve25519_public_key_t client_ephemeral_enc_pubkey; curve25519_public_key_t client_ephemeral_enc_pubkey;
uint8_t subcredential[DIGEST256_LEN]; hs_subcredential_t subcredential;
/* Output */ /* Output */
hs_ntor_intro_cell_keys_t hs_ntor_intro_cell_keys; hs_ntor_intro_cell_keys_t hs_ntor_intro_cell_keys;
@ -119,7 +119,7 @@ server1(int argc, char **argv)
BASE16(2, intro_auth_pubkey.pubkey, ED25519_PUBKEY_LEN); BASE16(2, intro_auth_pubkey.pubkey, ED25519_PUBKEY_LEN);
BASE16(3, intro_enc_keypair.seckey.secret_key, CURVE25519_SECKEY_LEN); BASE16(3, intro_enc_keypair.seckey.secret_key, CURVE25519_SECKEY_LEN);
BASE16(4, client_ephemeral_enc_pubkey.public_key, CURVE25519_PUBKEY_LEN); BASE16(4, client_ephemeral_enc_pubkey.public_key, CURVE25519_PUBKEY_LEN);
BASE16(5, subcredential, DIGEST256_LEN); BASE16(5, subcredential.subcred, DIGEST256_LEN);
/* Generate keypair */ /* Generate keypair */
curve25519_public_key_generate(&intro_enc_keypair.pubkey, curve25519_public_key_generate(&intro_enc_keypair.pubkey,
@ -130,7 +130,7 @@ server1(int argc, char **argv)
retval = hs_ntor_service_get_introduce1_keys(&intro_auth_pubkey, retval = hs_ntor_service_get_introduce1_keys(&intro_auth_pubkey,
&intro_enc_keypair, &intro_enc_keypair,
&client_ephemeral_enc_pubkey, &client_ephemeral_enc_pubkey,
subcredential, &subcredential,
&hs_ntor_intro_cell_keys); &hs_ntor_intro_cell_keys);
if (retval < 0) { if (retval < 0) {
goto done; goto done;
@ -188,7 +188,7 @@ client2(int argc, char **argv)
ed25519_public_key_t intro_auth_pubkey; ed25519_public_key_t intro_auth_pubkey;
curve25519_keypair_t client_ephemeral_enc_keypair; curve25519_keypair_t client_ephemeral_enc_keypair;
curve25519_public_key_t service_ephemeral_rend_pubkey; curve25519_public_key_t service_ephemeral_rend_pubkey;
uint8_t subcredential[DIGEST256_LEN]; hs_subcredential_t subcredential;
/* Output */ /* Output */
hs_ntor_rend_cell_keys_t hs_ntor_rend_cell_keys; hs_ntor_rend_cell_keys_t hs_ntor_rend_cell_keys;
@ -201,7 +201,7 @@ client2(int argc, char **argv)
CURVE25519_SECKEY_LEN); CURVE25519_SECKEY_LEN);
BASE16(4, intro_enc_pubkey.public_key, CURVE25519_PUBKEY_LEN); BASE16(4, intro_enc_pubkey.public_key, CURVE25519_PUBKEY_LEN);
BASE16(5, service_ephemeral_rend_pubkey.public_key, CURVE25519_PUBKEY_LEN); BASE16(5, service_ephemeral_rend_pubkey.public_key, CURVE25519_PUBKEY_LEN);
BASE16(6, subcredential, DIGEST256_LEN); BASE16(6, subcredential.subcred, DIGEST256_LEN);
/* Generate keypair */ /* Generate keypair */
curve25519_public_key_generate(&client_ephemeral_enc_keypair.pubkey, curve25519_public_key_generate(&client_ephemeral_enc_keypair.pubkey,

11
src/test/test_hs_ob.c
View File

@ -190,7 +190,7 @@ test_get_subcredentials(void *arg)
ed25519_keypair_generate(&onion_addr_kp_1, 0); ed25519_keypair_generate(&onion_addr_kp_1, 0);
smartlist_add(config.ob_master_pubkeys, &onion_addr_kp_1.pubkey); smartlist_add(config.ob_master_pubkeys, &onion_addr_kp_1.pubkey);
uint8_t *subcreds = NULL; hs_subcredential_t *subcreds = NULL;
size_t num = hs_ob_get_subcredentials(&config, &subcreds); size_t num = hs_ob_get_subcredentials(&config, &subcreds);
tt_uint_op(num, OP_EQ, 3); tt_uint_op(num, OP_EQ, 3);
@ -200,14 +200,14 @@ test_get_subcredentials(void *arg)
const int steps[3] = {0, -1, 1}; const int steps[3] = {0, -1, 1};
for (unsigned int i = 0; i < num; i++) { for (unsigned int i = 0; i < num; i++) {
uint8_t subcredential[DIGEST256_LEN]; hs_subcredential_t subcredential;
ed25519_public_key_t blinded_pubkey; ed25519_public_key_t blinded_pubkey;
hs_build_blinded_pubkey(&onion_addr_kp_1.pubkey, NULL, 0, tp + steps[i], hs_build_blinded_pubkey(&onion_addr_kp_1.pubkey, NULL, 0, tp + steps[i],
&blinded_pubkey); &blinded_pubkey);
hs_get_subcredential(&onion_addr_kp_1.pubkey, &blinded_pubkey, hs_get_subcredential(&onion_addr_kp_1.pubkey, &blinded_pubkey,
subcredential); &subcredential);
tt_mem_op(&(subcreds[i * sizeof(subcredential)]), OP_EQ, subcredential, tt_mem_op(subcreds[i].subcred, OP_EQ, subcredential.subcred,
sizeof(subcredential)); SUBCRED_LEN);
} }
done: done:
@ -228,4 +228,3 @@ struct testcase_t hs_ob_tests[] = {
END_OF_TESTCASES END_OF_TESTCASES
}; };